Kapisi/roles/ShadowArch/tasks/raspbian-network.yml

---

  - name: Rasbian network packages
    become: yes
    package:
        name:
          - netbase
        state: present

  - name: Rasbian network config
    become: yes
    when: not static
    copy:
        src: raspbian-interfaces
        dest: "/etc/network/interfaces"
        owner: root
        group: root
        mode: 0644

  - name: Rasbian network config (static)
    become: yes
    when: static
    template:
        src: raspbian-static.j2
        dest: "/etc/network/interfaces"
        owner: root
        group: root
        mode: 0644

  - name: Raspbian wireless
    become: yes
    command:
        cmd: /bin/bash -c "wpa_passphrase {{ wireless_ssid }} '{{ secrets['Shadownet']['ssid_passphrase'] }}' > /etc/wpa_supplicant.conf"
        creates: '/etc/wpa_supplicant.conf'

  - name: Raspbian wireless hardening
    become: yes
    file:
        path: '/etc/wpa_supplicant.conf'
        state: file
        owner: root
        group: root
        mode: 0600

  - name: Ensure keys
    become: yes
    command: /bin/bash -c 'chmod go-rwx /etc/ssh/*key'
Whitespace cleanup to get in sync with AniNIX/Uniglot hooks 2022-11-20 20:03:01 -06:00			`---`
Catching up with current successes 2022-01-25 23:54:43 -06:00
			`- name: Rasbian network packages`
			`become: yes`
			`package:`
			`name:`
			`- netbase`
			`state: present`

			`- name: Rasbian network config`
			`become: yes`
			`when: not static`
			`copy:`
			`src: raspbian-interfaces`
			`dest: "/etc/network/interfaces"`
			`owner: root`
			`group: root`
			`mode: 0644`

Whitespace cleanup to get in sync with AniNIX/Uniglot hooks 2022-11-20 20:03:01 -06:00			`- name: Rasbian network config (static)`
Catching up with current successes 2022-01-25 23:54:43 -06:00			`become: yes`
			`when: static`
			`template:`
			`src: raspbian-static.j2`
			`dest: "/etc/network/interfaces"`
			`owner: root`
			`group: root`
			`mode: 0644`

			`- name: Raspbian wireless`
			`become: yes`
			`command:`
Updates for Raspberry Pi 12 Bookworm 2024-07-23 14:18:32 -05:00			`cmd: /bin/bash -c "wpa_passphrase {{ wireless_ssid }} '{{ secrets['Shadownet']['ssid_passphrase'] }}' > /etc/wpa_supplicant.conf"`
Catching up with current successes 2022-01-25 23:54:43 -06:00			`creates: '/etc/wpa_supplicant.conf'`

			`- name: Raspbian wireless hardening`
			`become: yes`
			`file:`
			`path: '/etc/wpa_supplicant.conf'`
			`state: file`
			`owner: root`
			`group: root`
			`mode: 0600`
Evolution of deployment 2023-11-30 02:47:16 -06:00
			`- name: Ensure keys`
			`become: yes`
			`command: /bin/bash -c 'chmod go-rwx /etc/ssh/*key'`